Static task: static1
Behavioral task: behavioral1 (Sample: ef277fa194f9ba2b530a456713a3b6c4_JaffaCakes118.exe, Resource: win7-20240704-en)
Behavioral task: behavioral2 (Sample: ef277fa194f9ba2b530a456713a3b6c4_JaffaCakes118.exe, Resource: win10v2004-20240802-en)
General
Target: ef277fa194f9ba2b530a456713a3b6c4_JaffaCakes118
Size: 79KB
MD5: ef277fa194f9ba2b530a456713a3b6c4
SHA1: f7299ff47f7c69dc0624ee02f2bab7787d4cd187
SHA256: 0b8ae1447a1de790a830d6d859a28c71d728224dd329d95ff5143bc153fdf30f
SHA512: c5afa108f81d83950797ebda79b89e0e9218df06490f45b2c35c5abd2810f530c1e5bb6d1f86906c7c9e5c702bfabd6d5a8cad68f516a9d97696a3fde2bd4c91
SSDEEP: 1536:CTQ42fnt3rsa2bC4iNp6DWdQN0jCfyG3cyBvAYj3u5CQuX+/nqIo:CrGnt34a2+P0DWdQN0jCaGMQRSYQuXGO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ef277fa194f9ba2b530a456713a3b6c4_JaffaCakes118
Files
ef277fa194f9ba2b530a456713a3b6c4_JaffaCakes118.exe windows:4 windows x86 arch:x86
f7b8c1a9b5ceaa2b02ec962b5af10232
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetSysColorBrush
SetWindowPos
EnableMenuItem
GetSysColor
EnumWindows
GetMessageA
GetScrollPos
SetWindowTextA
UnhookWindowsHookEx
FrameRect
EqualRect
GetSubMenu
PostQuitMessage
kernel32
GetStartupInfoA
GetThreadLocale
GetSystemTime
SetUnhandledExceptionFilter
VirtualAllocEx
GetTimeZoneInformation
InterlockedExchange
GetTickCount
GetFileAttributesA
FileTimeToSystemTime
ExitProcess
GetTempPathA
RtlUnwind
GetCurrentProcessId
gdi32
CreateCompatibleBitmap
ExcludeClipRect
GetMapMode
SetViewportExtEx
FillRgn
DPtoLP
SelectClipPath
CreateICW
CopyEnhMetaFileA
ole32
CoRevokeClassObject
DoDragDrop
OleRun
CoTaskMemRealloc
CoInitialize
CoInitializeSecurity
CoCreateInstance
StringFromGUID2
StgOpenStorage
advapi32
RegCreateKeyA
RegQueryValueExW
AdjustTokenPrivileges
QueryServiceStatus
CryptHashData
GetUserNameA
FreeSid
RegCreateKeyExW
GetSecurityDescriptorDacl
CheckTokenMembership
msvcrt
fflush
_strdup
strcspn
puts
_lock
raise
strncpy
iswspace
_CIpow
_flsbuf
signal
_fdopen
__setusermatherr
fprintf
__initenv
strlen
_mbscmp
__getmainargs
comctl32
ImageList_DrawEx
ImageList_GetBkColor
CreatePropertySheetPageA
InitCommonControls
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_SetIconSize
ImageList_GetIcon
ImageList_DragEnter
ImageList_LoadImageW
ImageList_Write
shell32
DragQueryFileA
ShellExecuteW
DragAcceptFiles
ExtractIconExW
SHGetPathFromIDList
DoEnvironmentSubstW
ShellExecuteEx
CommandLineToArgvW
DragQueryFileW
ExtractIconW
SHBrowseForFolderA
oleaut32
SafeArrayPutElement
SafeArrayRedim
SysReAllocStringLen
SafeArrayGetUBound
VariantCopy
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayPtrOfIndex
Sections
.text Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE